Merge changes Ieee1d7de,Ie7780128 into rvc-dev am: f885ab33e4

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/11956180 Change-Id: I77465407e03b9d59cf111b6970c3a8e8800c92d4
2020-06-29 18:26:59 +00:00 · 2020-06-29 18:26:59 +00:00 · b393f6031d
commit b393f6031d
parent 6be558aaea f885ab33e4
4 changed files with 30 additions and 0 deletions
--- a/prebuilts/api/30.0/private/adbd.te
+++ b/prebuilts/api/30.0/private/adbd.te
@ -180,6 +180,11 @@ r_dir_file(adbd, apk_data_file)

 allow adbd rootfs:dir r_dir_perms;

+# Allow killing child "perfetto" binary processes, which auto-transition to
+# their own domain. Allows propagating termination of "adb shell perfetto ..."
+# invocations.
+allow adbd perfetto:process signal;
+
 # Allow to pull Perfetto traces.
 allow adbd perfetto_traces_data_file:file r_file_perms;
 allow adbd perfetto_traces_data_file:dir r_dir_perms;
--- a/prebuilts/api/30.0/private/perfetto.te
+++ b/prebuilts/api/30.0/private/perfetto.te
@ -47,6 +47,16 @@ allow perfetto devpts:chr_file rw_file_perms;
 allow perfetto incident_service:service_manager find;
 binder_call(perfetto, incidentd)

+# perfetto log formatter calls isatty() on its stderr. Denial when running
+# under adbd is harmless. Avoid generating denial logs.
+dontaudit perfetto adbd:unix_stream_socket getattr;
+dontauditxperm perfetto adbd:unix_stream_socket ioctl unpriv_tty_ioctls;
+# As above, when adbd is running in "su" domain (only the ioctl is denied in
+# practice).
+dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
+# Similarly, CTS tests end up hitting a denial on shell pipes.
+dontauditxperm perfetto shell:fifo_file ioctl unpriv_tty_ioctls;
+
 ###
 ### Neverallow rules
 ###
--- a/private/adbd.te
+++ b/private/adbd.te
@ -180,6 +180,11 @@ r_dir_file(adbd, apk_data_file)

 allow adbd rootfs:dir r_dir_perms;

+# Allow killing child "perfetto" binary processes, which auto-transition to
+# their own domain. Allows propagating termination of "adb shell perfetto ..."
+# invocations.
+allow adbd perfetto:process signal;
+
 # Allow to pull Perfetto traces.
 allow adbd perfetto_traces_data_file:file r_file_perms;
 allow adbd perfetto_traces_data_file:dir r_dir_perms;
--- a/private/perfetto.te
+++ b/private/perfetto.te
@ -47,6 +47,16 @@ allow perfetto devpts:chr_file rw_file_perms;
 allow perfetto incident_service:service_manager find;
 binder_call(perfetto, incidentd)

+# perfetto log formatter calls isatty() on its stderr. Denial when running
+# under adbd is harmless. Avoid generating denial logs.
+dontaudit perfetto adbd:unix_stream_socket getattr;
+dontauditxperm perfetto adbd:unix_stream_socket ioctl unpriv_tty_ioctls;
+# As above, when adbd is running in "su" domain (only the ioctl is denied in
+# practice).
+dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
+# Similarly, CTS tests end up hitting a denial on shell pipes.
+dontauditxperm perfetto shell:fifo_file ioctl unpriv_tty_ioctls;
+
 ###
 ### Neverallow rules
 ###